<?
require_once("includes/include.php");
require_once("header.misc.php");

if(!isset($_POST['username']) OR !isset($_POST['username'])) {
	header("location: index.php?msg=Please log in");
	die;
}

connectToDB();

$result=mysql_query("SELECT * FROM `people` WHERE `people_username`='" . mysql_real_escape_string($_POST['username']) . "' AND `people_password`='" . sha1($_POST['p4ssw02d']) . "'");

if(mysql_num_rows($result)) {
	$data=mysql_fetch_array($result);
	session_name("WIMON");
	session_start();
	$_SESSION['id']=$data['people_id'];
	$_SESSION['password']=sha1($_POST['p4ssw02d']);
	header("location: home.php");
	die;
} else {
	header("location: index.php?msg=Password wrong or user does not exist!");
	die;
}
echo "ERROR!";